<?php
if($_SESSION['group_id']!=2){redir("./");exit;}

if($_GET['op']==''){
?>
<div class="box">
  <h3>ข่าวประชาสัมพันธ์ของท่าน</h3>
  <div>
  	<form method="get">
		<input name="search" value="<?php echo $search;?>" />
		<input type="hidden" name="mod" value="<?php echo $mod;?>" />
		<input type="submit" value="ค้นหา" />
        <input type="button" value="เพิ่ม" onclick="location.href='<?php echo "?mod=$mod&op=add";?>'" />
	</form>
  </div>
  <div class="boxContent">
  <?php
  $where=" where m_id=$_SESSION[m_id] and news_subject like '%$search%'";
  $sql="select * from news $where order by news_addtime desc";
  $res=mysql_query($sql) or die(mysql_error());
  $page=$_GET['page'];
  if(!$page)$page=1;
  $allrows=mysql_num_rows($res);
  $allpage=ceil($allrows/$cfg_limit);
  $limitstart=($page-1)*$cfg_limit;
  $sql.=" limit $limitstart,$cfg_limit";
  $res=mysql_query($sql);
  $pageurl="?mod=$mod&search=$search";
  if($allrows>0){
  ?>
    <form method="post">
	<table width="100%">
      <tr>
        <td width="10"><strong>#</strong></td>
        <td><strong>หัวเรื่อง</strong></td>
        <td align="center">วันที่ประกาศ</td>
        <td colspan="2" align="center"><strong>ดำเนินการ</strong></td>
	  </tr>
	  <?php
	  	$res=mysql_query($sql);
		$i=0;
	  	while($row=mysql_fetch_assoc($res)){
			++$i;
	  		$class=($i%2!=0)?'rowA':'rowB';
	  ?>
      <tr class="<?php echo $class;?>">
        <td width="10"><?php echo $i;?></td>
        <td><?php echo $row['news_subject'];?></td>
        <td align="center"><?php echo $row['news_addtime'];?></td>
        <td align="center"><?php echo "<a href=?mod=$mod&op=edit&news_id=$row[news_id]>แก้ไข</a>";?></td>
        <td align="center"><?php echo "<a href=?mod=$mod&op=del&news_id=$row[news_id] onclick=\"return confirm('ยืนยันการลบ');\">ลบ</a>";?></td>
        </tr>
	  <?php
	  }
	  ?>
    </table>
	</form>
  <?php
  	pagemenu($pageurl,$page,$allpage);
  }else{
  	echo "<div id=error_msg>ไม่พบข้อมูล</div>";
  }
  ?>
  </div>
</div>
<?php
}else if($_GET['op']=='add'){
	if($_POST['op']=='add'){
		$news_subject=$_POST['news_subject'];
		$news_detail=$_POST['news_detail'];
		if(!$news_subject)$err="กรุณากรอก หัวเรื่อง";
		else if(!$news_detail)$err="กรุณากรอก รายละเอียด";
		else{
			$sql="insert into news(news_subject, news_detail, news_addtime, m_id) values('$news_subject', '$news_detail', now(), '$_SESSION[m_id]')";
			mysql_query($sql);
			redir("?mod=$mod",5);
			die("<div id=com_msg>เพิ่มข้อมูลเรียบร้อยแล้วกรุณารอสักครู่ <img src=images/load.gif></div>");
		}
	}
?>
<div class="box">
  <h2>เพิ่มข่าวสาร</h2>
  <?php if($err)echo "<div id=error_msg>$err</div>";?>
  <div class="boxContent">
    <p> </p>
    <form method="post" enctype="multipart/form-data">
      <table width="99%" border="0" cellspacing="2" cellpadding="2">
        <tr>
          <td width="120"><strong>หัวเรื่อง</strong></td>
          <td><input name="news_subject" type="text" id="news_subject" value="<?php echo $news_subject;?>" /></td>
        </tr>
        <tr>
          <td><strong>รายละเอียด</strong></td>
          <td>&nbsp;</td>
        </tr>
        <tr>
          <td colspan="2" align="center"><textarea name="news_detail"><?php echo $news_detail;?></textarea>
            <script type="text/javascript" src="ckeditor/ckeditor.js"></script>
            <script type="text/javascript">
                        //<![CDATA[
                            CKEDITOR.replace( 'news_detail',{
                
                            skin            : 'kama',
                            language        : 'th',
                            height            : 400,
                            width            : 650,
                
                            toolbar :
                        [
                            ['Source','-','Save','NewPage','Preview'],
                            ['Cut','Copy','Paste','PasteText','PasteFromWord'],
                            ['Undo','Redo','-','Find','Rebeauty','-','SelectAll','RemoveFormat'],
                            '/',
                            ['Bold','Italic','Underline','Strike','-','Subscript','Superscript'],
                            ['NumberedList','BulletedList','-','Outdent','Indent','Blockquote'],
                            ['JustifyLeft','JustifyCenter','JustifyRight','JustifyBlock'],
                            ['Link','Unlink','Anchor'],
                            ['Image','Flash','Table','HorizontalRule','Smiley','SpecialChar'],
                            '/',
                            ['Format','Font','FontSize'],
                            ['TextColor','BGColor'],
                            ['Maximize', 'ShowBlocks']
                
                        ], 
                
                            filebrowserBrowseUrl : 'ckfinder/ckfinder.html',
                            filebrowserImageBrowseUrl : 'ckfinder/ckfinder.html?Type=Images',
                            filebrowserFlashBrowseUrl : 'ckfinder/ckfinder.html?Type=Flash',
                            filebrowserUploadUrl : 'ckfinder/core/connector/php/connector.php?command=QuickUpload&type=Files',
                            filebrowserImageUploadUrl : 'ckfinder/core/connector/php/connector.php?command=QuickUpload&type=Images',
                            filebrowserFlashUploadUrl : 'ckfinder/core/connector/php/connector.php?command=QuickUpload&type=Flash'
                
                            } );
                        //]]>
                    </script></td>
        </tr>
        <tr>
          <td>&nbsp;</td>
          <td>&nbsp;</td>
        </tr>
      </table>
      <table width="99%" border="0" cellspacing="2" cellpadding="2">
        <tr>
          <td align="center"><input type="submit" class="button" name="Submit" value="บันทึก" />
          <input name="op" type="hidden" id="op" value="add" /></td>
        </tr>
      </table>
    </form>
    </p>
  </div>
</div>
<?php
}else if($_GET['op']=='edit'){
	$row=mysql_fetch_assoc(mysql_query("select * from news where news_id='$_GET[news_id]' and m_id='$_SESSION[m_id]'"));
	if($_POST['op']=='update'){
		$news_subject=$_POST['news_subject'];
		$news_detail=$_POST['news_detail'];
		if(!$news_subject)$err="กรุณากรอก หัวเรื่อง";
		else if(!$news_detail)$err="กรุณากรอก รายละเอียด";
		else{
			$sql="update news set news_subject='$news_subject', news_detail='$news_detail', news_edittime=now() where news_id='$_GET[news_id]' and m_id='$_SESSION[m_id]'";
			mysql_query($sql);
			redir("?mod=$mod",5);
			die("<div id=com_msg>ปรับปรุงข้อมูลเรียบร้อยแล้วกรุณารอสักครู่ <img src=images/load.gif></div>");
		}
	}
?>
<div class="box">
  <h2>แก้ไขข่าวสาร</h2>
  <?php if($err)echo "<div id=error_msg>$err</div>";?>
  <div class="boxContent">
    <p> </p>
    <form method="post" enctype="multipart/form-data">
      <table width="99%" border="0" cellspacing="2" cellpadding="2">
        <tr>
          <td width="120"><strong>หัวเรื่อง</strong></td>
          <td><input name="news_subject" type="text" id="news_subject" value="<?php echo $row['news_subject'];?>" /></td>
        </tr>
        <tr>
          <td><strong>รายละเอียด</strong></td>
          <td>&nbsp;</td>
        </tr>
        <tr>
          <td colspan="2" align="center"><textarea name="news_detail" id="news_detail"><?php echo $row['news_detail'];?></textarea>
            <script type="text/javascript" src="ckeditor/ckeditor.js"></script>
            <script type="text/javascript">
                        //<![CDATA[
                            CKEDITOR.replace( 'news_detail',{
                
                            skin            : 'kama',
                            language        : 'th',
                            height            : 400,
                            width            : 650,
                
                            toolbar :
                        [
                            ['Source','-','Save','NewPage','Preview'],
                            ['Cut','Copy','Paste','PasteText','PasteFromWord'],
                            ['Undo','Redo','-','Find','Rebeauty','-','SelectAll','RemoveFormat'],
                            '/',
                            ['Bold','Italic','Underline','Strike','-','Subscript','Superscript'],
                            ['NumberedList','BulletedList','-','Outdent','Indent','Blockquote'],
                            ['JustifyLeft','JustifyCenter','JustifyRight','JustifyBlock'],
                            ['Link','Unlink','Anchor'],
                            ['Image','Flash','Table','HorizontalRule','Smiley','SpecialChar'],
                            '/',
                            ['Format','Font','FontSize'],
                            ['TextColor','BGColor'],
                            ['Maximize', 'ShowBlocks']
                
                        ], 
                
                            filebrowserBrowseUrl : 'ckfinder/ckfinder.html',
                            filebrowserImageBrowseUrl : 'ckfinder/ckfinder.html?Type=Images',
                            filebrowserFlashBrowseUrl : 'ckfinder/ckfinder.html?Type=Flash',
                            filebrowserUploadUrl : 'ckfinder/core/connector/php/connector.php?command=QuickUpload&type=Files',
                            filebrowserImageUploadUrl : 'ckfinder/core/connector/php/connector.php?command=QuickUpload&type=Images',
                            filebrowserFlashUploadUrl : 'ckfinder/core/connector/php/connector.php?command=QuickUpload&type=Flash'
                
                            } );
                        //]]>
                    </script></td>
        </tr>
        <tr>
          <td>&nbsp;</td>
          <td>&nbsp;</td>
        </tr>
      </table>
      <table width="99%" border="0" cellspacing="2" cellpadding="2">
        <tr>
          <td align="center"><input type="submit" class="button" name="Submit" value="ปรับปรุงข้อมูล" />
              <input name="op" type="hidden" id="op" value="update" /></td>
        </tr>
      </table>
    </form>
    </p>
  </div>
</div>
<?php
}else if($_GET['op']=='del'){
	mysql_query("delete from news where news_id='$_GET[news_id]' and m_id='$_SESSION[m_id]'");
	redir("?mod=$mod&".time());exit;
}
?>